Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use of scanf() operation that permits buffer overflows [Security Vulnerability] #192

Open
3 tasks
jishanshaikh4 opened this issue Jun 23, 2021 · 0 comments
Open
3 tasks

Comments

@jishanshaikh4
Copy link

The scanf() family's %s operation, without a limit specification, permits buffer overflows. Buffer overflow is one of the most common class of vulnerabilities.

LABEL: Bug
SEVERITY: Major
SOLUTION: Specify a limit to %s, or use a different input function.
COMMON WEAKNESS ENUMERATION INDEX: CWE-120, CWE-20

Instances found in the GitHub repository:

  • src\glove.c:324
  • src\glove.c:305
  • src\cooccur.c:258
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant